Deterministic ECDSA - RFC6979

[karel-m]

It would be nice to support deterministic ecc signatures - see https://tools.ietf.org/html/rfc6979

It is related only to ecc_sign_hash_ex as the verification works as usual.

It can be done without any API change, simply when prng parametr of ecc_sign_hash_ex is passed NULL then we will not throw an error but create the deterministic signature as described in RFC6979.

Any takers?

Cc: @rmw42 - what do you think? IMO you have pretty impressive ECDSA-related traction during last few weeks 😄

[rmw42]

Yeah, it'd be a useful feature to support. If it can wait a week or two, I can find some time to work on it... the RFC is quite hard to follow but at the core it's only really a couple of chained HMAC operations, if memory serves, and there are a load of test vectors.

[karel-m]

No problem, it can wait a month (or two).

[rmw42]

OK, pretty sure I can find the time to do this, then 😄

[danzadok]

Hi,
I also would like to have this rfc6979 support.
Has it already implemented.

[rmw42]

Hi @danzadok!

Sorry, some stuff came up at the end of last year and I wasn't able to work on it. I've read through all the details in the RFC and I'm working on it now :)

[danzadok]

Thanks a lot. Please let me know when done. I will be your beta :) <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

…

On Mon, Dec 31, 2018 at 6:12 PM Russ Williams ***@***.***> wrote: Hi @danzadok <https://github.com/danzadok>! Sorry, some stuff came up at the end of last year and I wasn't able to work on it. I've read through all the details in the RFC and I'm working on it now :) — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#441 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AYXLb7kXW_M7UEp2v8QdPjUY3acZFF6wks5u-jdegaJpZM4XFwAK> .

-- :) Danny Zadok

[danzadok]

Hi Any news about that? Danny

…

On Mon, Dec 31, 2018, 10:17 PM Danny Zadok ***@***.*** wrote: Thanks a lot. Please let me know when done. I will be your beta :) <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link> <#m_983535513776717579_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> On Mon, Dec 31, 2018 at 6:12 PM Russ Williams ***@***.***> wrote: > Hi @danzadok <https://github.com/danzadok>! > > Sorry, some stuff came up at the end of last year and I wasn't able to > work on it. I've read through all the details in the RFC and I'm working on > it now :) > > — > You are receiving this because you were mentioned. > Reply to this email directly, view it on GitHub > <#441 (comment)>, > or mute the thread > <https://github.com/notifications/unsubscribe-auth/AYXLb7kXW_M7UEp2v8QdPjUY3acZFF6wks5u-jdegaJpZM4XFwAK> > . > -- :) Danny Zadok

[danzadok]

Hi
I really need this feature. Can someone help me to implement it?

[rmw42]

Sorry, I've been really short on time recently :(
This is as far as I've got so far: #477

It's still not working correctly, I need to dig into the results of the hash chain and check that it's coming up with the correct results/keys.

[bbrtj]

Hey, any news? Is anyone working on this?

[joakim-tjernlund]

This seems stalled?